New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
sucuri gave a shit ton of false positives and attackers were still getting through, in my experience
Thanks. Did you end up finding a solution?
Providing you leverage a pre-existing infrastructure / provider for their L3/L4 DDoS Mitigation then you can handle the L7 easily enough yourself providing your server has sufficient resources.
Take a look at my open source project: https://github.com/dbContext/SiteShield-OpenResty (I don't believe this is against TOS? if so, my bad)
It is essentially CloudFlare's "I'm Under Attack" page, except you can easily make the page instantly reload so it's basically invisible, it's a pretty basic JS challenge however it doesn't rely on cookies so it can't be manipulated as easily.
The above module + rate limits is more than sufficient, and the JS challenge also has kernel level IP blocking so once an attack is blocked, it has very little impact on the resource usage of your server.
I hope that helps.
I like the solution however my servers do not have l4 protection, and I do not have the knowledge to set this up
Fair enough, I would then suggest 4XB for the price you can't really get much better, their L7 DDoS Mitigation is very good, I would however say that from everything I've seen, their customer support/service is bad. https://www.x4b.net/kb/DashboardPages/EnhancedHTTPMitigation